Washington DC Police Hit by the Worst Ransomware Ever


In the U.S. capital, the police department experienced a major information leak after declining to satisfy the extortion demands of a Russian-speaking ransomware syndicate. According to experts, the police department has been hit by the worst ransomware attack ever.

On Thursday, 13 May, the gang, identified as the Babuk Squad, published thousands of confidential documents from the Washington Metropolitan Police Department on the dark web. Hundreds of police officer intelligence documents, containing feeds from other agencies such as the FBI and Secret Service, were discovered through a report by The Associated Press.

Ransomware attacks have reached epidemic proportions as international gangs paralyze the computer networks of local and state governments, police, hospitals, and private companies. They demand substantial payments to decrypt data or to prevent the online leakage of stolen information.

Last week, a cyber-attack shut down the Colonial Pipeline, the nation's largest fuel pipeline, causing gasoline stockpiling and panic buying across sections of the southeast.

This police data leak is "perhaps the most significant ransomware incident to date," due to the risks it poses for officers and civilians, said Brett Callow, a threat analyst and ransomware specialist at the Emsisoft security company.

Most documents contained security details from many other law enforcement authorities regarding the inauguration of President Joe Biden, along with a connection to a militia group "embedded source." 

One document covers the FBI's study of the two pipe bombs abandoned at the locations of the Democratic Committee and the Republican National Committee before the revolt at the U.S. Capitol on January 6. Yet another document explains the details, which involve a "big data pull" from cell towers, as well as plans to "analyze purchases" of Nike shoes used by an individual of concern.

The police department did not initially respond to an AP request for comment but had reported earlier that personal data was compromised.

Some of the information was subsequently leaked, exposing personal data from background checks of some officials, including information on previous use of drugs, financial conditions, and — in at least one instance — regarding past sexual assault. 

“This is going to send a shock through the law enforcement community throughout the country,” Ted Williams, a former officer at the department who is now a lawyer, told The Associated Press. 

Williams added that the public disclosure of background checks and administrative files makes it harder for officers to do their work.

“The more the crooks know about a law enforcement officer, the more the crooks try to use that for their advantage,” he said. 

The Babuk group recently demanded $4 million to not publish the archives, but was offered only around $100,000. The department did not say whether it made the offer. Any such discussions would show the difficulty of the ransomware problem, with the police forced to consider paying criminal gangs.

Hacking Group That Targeted D.C. Police Briefly Posts Internal Police Files


Hackers who allegedly gained access to the D.C. police department's computer network briefly posted the personnel files of at least five current and former officers, a gambit one security expert believes was intended to show that the group's threats are legitimate. 

On Monday, Babuk issued the first warning to D.C. police by uploading screenshots of files the group claimed to have stolen. The group claims to have 250 GB of data, which is enough to store 70,000 images or thousands of pages. 

According to Brett Callow, an analyst for the New Zealand-based cybersecurity firm Emsisoft, which has been monitoring the hack, the documents posted on Wednesday ran into the hundreds of pages and included names, Social Security numbers, phone numbers, financial and housing records, job histories and polygraph assessments. 

In a statement, the hacking group Babuk warned police to "get in touch as soon as possible and pay us, otherwise, we will publish the data." Officials in Washington, D.C., have not commented about whether they are in contact with the group. NBC News contacted one of the former officers identified in the leak, who confirmed the information was accurate. The officer's identity was not revealed.

One of the records reviewed by The Washington Post is marked “background investigation document” and “confidential”. The 576-page file includes details of when an officer was going through a background check to be hired in 2017. It contains the officer's financial and banking details, as well as a photocopy of the officer's driver's license, social media posts, a private cell phone number, and answers to questions about past marijuana usage. 

The records were taken down later on Wednesday, according to Callow. However, the group issued a new alert on its dark Web site sometime Thursday, stating only that the police “now determine if the leak will be or not.” The threat was also removed later. 

This week, D.C. police said they were "aware of unauthorized access on our server" and were trying to "determine the full impact." The FBI was called in to assist with the investigation. Babuk has threatened to reveal confidential sources and reports with titles like "known shooters," "most violent person," "RAP feuds," "gang conflict report," and "strategic crime briefings," among others. 

Acting D.C. police chief Robert J. Contee III sent an email to more than 3,600 officers on Wednesday night, reporting that the hacking group had stolen human resource files containing officers' personal information. The email tells officers how to get free copies of their credit reports. Officers may also put "fraud notices" on their credit reports, requiring someone who wants to access the data to seek additional permissions.

According to Adam Scott Wandt, an assistant professor of public policy in the cybersecurity programme at John Jay College of Criminal Justice, "The data leak could reveal informants, putting their lives in danger. This criminal organization poses a very serious and dangerous threat." Wandt stated, "The amount of harm that can be done is simply enormous. It has the potential to obstruct ongoing investigations. Imagine looking up your name on Google and seeing a data dump that reveals you're being investigated for fraud or drug dealing."

The D.C. police department, according to Callow, "has no good choices." The data will be released if they do not pay. If they pay, all they can do is trust the criminals to delete the stolen information. "However, why would they?"

According to a study released by Emsisoft, 2,354 agencies and businesses were targeted last year in ransomware attacks. There were 113 local, state, and federal governments, 560 healthcare facilities, and 1,681 educational institutions included in the list. The groups also gain access to private networks, shut down systems, and then demand payment to restore services. In 2019, a cyberattack crippled Baltimore's ability to process payments and conduct online real estate transactions. According to the Baltimore Sun, the attack cost the city $18 million in lost revenue as well as money spent to repair systems and boost security.

D.C. police are being targeted by a new type of extortion scheme in which data is stolen and payment is demanded to keep it from being published, cybersecurity experts said. According to Callow, the group appears to have raw data, based on Wednesday's postings of real data files.